Cisco buys Virtuata to beef up VM security

Cisco is buying Virtuata, a specialist in virtual machine security, and will meld that company into its data center security group led by Cisco SVP David Yen.

As more companies virtualize their workloads not only across servers but across data centers and organizations, the need to bolster security of the VMs is likewise growing. Bromium, a high-profile startup founded by Xen hypervisor co-creators Ian Pratt and Simon Crosby, is one example of this trend. Another startup, PrivateCore, is attacking this problem by securing the physical machinery on which VMs run.

The deal was disclosed in a blog post by Hilton Romanski, Cisco VP of corporate development on Monday. Romanski wrote:

Virtuata uses the XenClient extensible virtualization Service VM architecture to establish a dynamic root of trust. By design, the XenClient hypervisor acts as the Trusted Computing Base (TCB). It then enables Virtuata to extend the trust dynamically to loadable legitimate executable programs forming a dynamic root of trust. Once running, only the code belonging to those good programs can run. By preventing good apps from getting infected, they lock out the sorts of advanced threats (like code exploitations and injection and return-oriented attacks) that have been leading headlines for the last couple of years. Thus, rather than waiting for the attack to happen and then reactively publishing signatures to detect that particular attack, they proactively protect known good and legitimate programs directly in memory.